"It is impossible for ideas to compete in the marketplace if no forum for
  their presentation is provided or available."           Thomas Mann, 1896

---

IBM Tivoli Security Compliance Manager

Contributed by IBM - Tivoli Group

The number of security incidents enterprises face are increasing daily. Additionally, enterprises need to address compliance with an increasing number of government and corporate security policies, standards and regulations.

IBM Tivoli Security Compliance Manager is a new security policy compliance product that acts as an early warning system by identifying security vulnerabilities and security policy violations for small, medium and large businesses. Tivoli Security Compliance Manager helps organizations define consistent security policies and monitor compliance of these defined security policies. Security policies can be based on both internal security requirements and industry-standard security policies.

Product Highlights:

• Automates scans of servers and desktop systems which can help reduce the cost and time associated with manual security checks

• Provides reports to security officers and compliance auditors with detailed information about the security health of the business so they can take the appropriate steps to make individual systems and departments compliant

• Identifies software security vulnerabilities prior to costly damage being inflicted by security incidents

• Improves business operations and helps to increase efficiencies though automation and centralization

• Assists in addressing to compliance issues in regulations and standards by automating compliance tasks, monitoring correspondence, reducing human error, and taming compliance costs

• Integrates with Tivoli's automated security management tools to help mediate security policy violations and risks

Tivoli Security Compliance Manager is designed for customers who are concerned with compliance and regulations as well as those concerned with identifying and fixing security weaknesses and vulnerabilities in their IT infrastructure. In assisting with compliance issues, the software comes with pre-defined recommended security policies and can be customized to fit specific regulatory, industry or corporate security policies. The software helps provide a more efficient way to gather and manage information about the health of systems, and enterprises can use that data to help them comply with regulations like the Health Insurance Portability and Accountability Act (HIPAA).

Tivoli Security Compliance Manager audits systems and applications for vulnerabilities and identifies violations against security policies. The software uses a red, yellow, green, stoplight-style warning system to alert security administrators and users, whether systems comply with security policy. For example, the software could send reports or an email to administrators showing which systems have passwords set properly, which have anti-viruses signature files are up-to-date, and which have dangerous or unnecessary services running. The software can help identify security vulnerabilities across AIX, Solaris, HP-UX, Windows, Linux and Linux on zSeries.

• AIX
• HP-UX
• Linux
• Novell NetWare
• Solaris
• Windows NT
• Windows XP
• Windows 2000

Visit the Authors Web Site